All of our team members attend Georgetown University, which recently experienced several days of network connectivity issues due to malware. As we found ourselves frustrated over the lack of WiFi, we started to think about designing a one-button system for auditing the networks of small businesses, homes, and even universities. We tried to keep in mind our main users: people who aren't very knowledgeable about network security but want to prevent attacks or exploits against their network.
What it does
When the end user clicks a button on the UI's home page, the network scanner begins to search their network for a variety of common vulnerabilities, including poorly secured ssh, telnet, ftp, and mongo db servers and unencrypted WiFi. Each scan returns a security score (out of 100 points) and a message that summarizes the scan's findings. When all scans finish, the UI presents the user with an average security score (again, out of 100 points) and a file comprising the messages returned by each scan. The user can take this file to local tech support to aid them in securing the network.
How I built it
The scanner itself is a Raspberry Pi running the Raspian OS, and all scanning modules are written in python interfacing with a variety of security-based libraries such as nmap. The UI combines HTML, CSS, and some jQuery.
Challenges I ran into
One of our biggest struggle involved hardware limitations: we weren't able to sniff for traffic on multiple networks because our Pi's wireless chip set does not support this feature. A different chip set would make this process trivial. Furthermore, we found some of the modules difficult to write, debug, and incorporate into our final program.
Accomplishments that I'm proud of
We learned that optimization is important and often tricky - though we did not want our scan to take too long to execute, we wanted it to be as thorough as possible.
What I learned
We learned a lot about network security.
What's next for PiGuard
In the future we hope to incorporate more modules, including a wrapper for the Nessus security project, without increasing the work on the end user's side. This would allow for more and more advanced vulnerability scans.